Sun Microsystems, Inc.  Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-77-1019460.1
Update Date:2012-07-26
Keywords:
Solution Type  Sun Alert Sure

Solution  1019460.1 :   Security Vulnerabilities in the Embedded Lights Out Manager (ELOM) on Sun Fire X2100 M2 and X2200 M2 May Allow Unauthorized Logins  

Related Items 
    

  • Sun Fire X2200 M2 Server
    •  
  • Sun Fire X2100 M2 Server
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>Sun_Other>Sun Collections>SN-OTH: Sun Alert
    •  
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Criteria Category>Security
    •  
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Release Phase>Resolved
    •  

PreviouslyPublishedAs
239886 


Bug Id

SUNBUG:6633175, SUNBUG:6648082


Product
Sun Fire X2100 M2 Server

Sun Fire X2200 M2 Server

Date of Resolved Release
28-Jan-2009


***Checked for relevance on 26-Jul-2012***


1. Impact



Security vulnerabilities in the Embedded Lights Out Manager (ELOM) on
Sun Fire X2100 M2 and X2200 M2 servers may allow remote unprivileged
users to gain unauthorized login access with all privileges to the ELOM or
execute arbitrary commands on the Service Processor (SP).



Sun acknowledges with thanks, Tomas Kopal for discovering and
reporting one of the above two issues.



2. Contributing Factors



These issues can occur on the following platforms:



x86 Platform


    

  • Sun Fire X2100/X2200 M2 Servers with SP/BMC firmware version 3.19
or earlier
    • 


Notes:


    

  1. No other x64 systems are affected by these issues.
    2. 

  2. The SPARC platform is not affected by these issues.
    

    3. 


To determine the firmware version of the Service Processor (SP), the
ipmitool(1M) utility can be run as in the following example:


$ ipmitool -H <hostname> -U <username> mc info
Device ID              : 5
Device Revision        : 0
Firmware Revision      : 2.91
IPMI Version           : 2.0

or the following command can be used at the CLI (logged in to the SP):


/SP -> show /SP/AgentInfo
/SP/AgentInfo
...
Properties:
HWVersion = 0
FWVersion = 3.09



3. Symptoms



There are no predictable symptoms to indicate these issues have been
exploited to gain unauthorized access to the ELOM interface.



4. Workaround



To work around these issues, administrators may restrict access to the
Service Processor (SP) on the Sun Fire servers by either connecting to
it only via serial port or by allowing access to it only from a private
management network.



Additional information regarding management of the Sun Fire X2100/X2200
M2 Servers, ELOM, and ipmitool(1m) can be found in the "Embedded Lights
Out Manager Administration Guide" at:






5. Resolution



These issues are addressed in the following releases:



x86 Platform


    

  • Sun Fire X2100 M2 Server with firmware version 3.20 from the 1.7
"Tools and Drivers" CD (or later) ISO 
    • 


The ISO image is available at:





    

  • Sun Fire X2200 M2 Server with firmware version 3.20 from the 2.1
"Tools and Drivers" CD (or later) 
    • 


The ISO image is available at:







For more information
on Security Sun Alerts, see <Document: 1009886.1>.






Modification History:

28-Jan-2009: Document released

26-Jul-2012: Maintenance check for relevance/currency, no change in content




Attachments

This solution has no attachment


















       

Copyright © 2012 Sun Microsystems, Inc.  All rights reserved.

 Feedback